THE STACK

On September 5th a critical vulnerability affecting the Apache Struts 2 framework was made public with the release of an updated version 2.5.13.

There is already publicly available exploit code for metasploit circulating for this vulnerability (be careful if you use this code, we can't vouch for its security and early release exploit code sometimes targets the user).